IT Compass
Welcome to the IT Compass
The IT Compass is your internal guideline that covers the complete portfolio of IT NetSec solutions. Our compass helps you navigate through different security layers, from Identity to Compliance, ensuring comprehensive protection for your organization.
How to Use This Guide
The IT Compass is organized into distinct categories, each representing a critical layer of IT security:
🔐 Identity
Manage user identities, authentication, PAM and more using products from different vendors
💎 Assets
Find out what's in your network. What you can't see, you can't protect
🔑 NAC/ZTNA
Get secure access to the network wherever you are.
📶 LAN/WLAN
Access points, switches,... Make sure your devices get connected to the network in the best way possible.
🛡️ Firewall/WAN
Connect to the Internet and protect traffic in/out.
📱 Application
Protect apps against hackers, intruders and make sure they work great
👀 Monitoring
Monitor your network so it works in the most efficient way. Get insights and troubleshoot efficiently
🕵️♂️ Detection, response and disaster recovery
Detect security issues and attacks, and automatically respond to them. Make sure your business recovers from disasters as soon as possible
✅ Compliancy
Make sure you comply with the rules given by local governments or the European Union. Use tools that help you to achieve this without much headaches.
Getting Started
Use the sidebar navigation to explore each category. Within each category, you'll find:
- Overview - Introduction to the security layer
- Subconcepts - Specific security technologies and approaches
- Products - Recommended solutions with detailed information
Click on any category in the sidebar to begin exploring our portfolio of solutions. Each product page includes implementation guidance, use cases, and key features.
General Pitch
This is the more complete version of the IT compass, showing the relationship between different subjects and helping you spot opportunities with customers in a faster way. As you see, every element within the Compass has a relationship with another subject. A quick walkaround below:
Every network and cybersecurity journey starts with identities and assets. If you want to connect to a network, you are either a person connecting using a device, or it is the device itself trying to connect to the network. This is also known as “human and non-human identities”. In any way, you should have a grasp on this. Users need to be managed (through different solutions like IAM) and assets need to be discovered and managed (through solutions like asset discovery, vulnerability management and MDM).
Once you identified an managed these identities and assets, they need to be authenticated. In the ideal situation every user or device connects to the network using authticenation (who, what, where, when, why). This context defines if you are allowed on the network or if it needs to block you. The context also defines the segment of the network you use (VLAN, policies,…). This could be a device connecting to a switch or a wireless access point. However, this type of security also needs to be enforced for remote workers. In that case your identity will be checked against ZTNA (Zero Trust Network Access) that defines which applications a user has permissions on. By default you get no access, except the applicatons defined in policies that match your context.
Now you are authenticated (or rejected) and you can have access to the network. Then your traffic needs to be processed, either wireless or wired. In that case, WiFi access points and switches come in place with their management tooling.
Mostly traffic doesn’t stay within the company. Your traffic should have access towards the Internet . To make that happen, routers are needed to route traffic towards the Wide Area Network (WAN). Mostly, routers are not sufficient anymore and security needs to be in place. That’s where firewalls become useful to filter this traffic in the most secure way. These firewalls can be either virtual or hardware firewalls that you install in your premises, or managed by the vendor in a SASE offering
The ultimate goal of all the previous concepts is to make sure you can use applications. But that also comes with a cost, applications are very vulnerable against attackers and hackers. They want to manipulate your applications using tricks like SQL injections, DDoS attacks and other nasty attacks. That’s why products like Web Application Firewalls are necessary. Also as an IT manager, you should have a grasp on which applications are used to prevent shadow IT from happening. Also for this challenge, solutions are available such as SaaS Management
As you can see there are three concepts that cover the full network and cybersecurity journey. The first one is Monitoring. Monitoring is an important concept to have insights in what is possibly happening, what goes wrong, what can be improved,… Monitoring happens across all the different steps. Observability solutions can give you spot-on hints on what to improve or change and can even rewrite software code to fix your problems.
If anything goes wrong, you need to have a disaster recovery or response plan. That’s why it’s very important to have a 24/7/365 security monitoring that identifies security incidents across your whole journey (identity, assets, authentication, firewalling, application usage,…). A Security Operation Center (SOC) ingests all this information and identifies possible anomalies. If anything happens they act or contact you to fix this as soon as possible. Even if data becomes compromised (such as ransomware attacks, cryptolocker viruses), backups make sure your data stays safe. Backups are available for on-prem data (such as servers, virtual machines, Network Attached Storage (NAS) systems), and for cloud environments (such as Microsoft 365). Of course, disasters are not only security related.What if an update fails or someone does a manual configuration error. In that case Out of Band solutions make sure you have always access to your critical assets such as switches, routers, firewalls, servers,…
This whole journey is driven by compliancy. A lot of companies have to be ISO27001 compliant or need to comply with the European NIS2 regulation. This regulation asks a lot of our IT resellers. However, there are tools that can make life easier. Actually everything above this compliancy block helps the customer to work in the right direction, but there are also other (more administrative oriented) tools that can help. One of these domains is IT Service Management. Within this area products like IT Asset Management, Service Desk are in place.
About Kappa Data
Kappa Data is your trusted IT NetSec distributor, providing comprehensive security solutions across all layers of your IT infrastructure. The IT Compass represents our commitment to helping you navigate the complex landscape of enterprise security.
Ready to explore? Start with Identity or jump to any section using the navigation menu.